<?php
include("connect.php");
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header("content-type:application/xml;charset=utf-8;");
function loguser($reason,$ext = "db")
{
    if(!is_dir("logs")) {
        mkdir("logs","0493");
    }
    $fp = fopen("logs/".date("m-d-y").".".$ext, "a+");
    fwrite($fp, "<strong>".date("g:i:s A")."</strong>: ".$reason."<br/>");
}
function insertquery($for, $over) {
 return $for." Like '".mysql_real_escape_string($over)."%' ";
}
loguser($_SERVER['QUERY_STRING'], 'html');
if(isset($_GET['nee']) || isset($_GET['surname']) || isset($_GET['firstname']) || isset($_GET['aka'])) {
$query = "select Person.ID, 
    Person.Surname, 
    Person.FirstNames, 
    Person.FormerName, 
    Person.NeeName, 
    Person.AlsoKnownAs, 
    Person.DeathDate, 
    Person.BirthDate, 
    Person.Age AS 'Age', 
    Person.AgeMeasure AS 'AgeMeasure', 
    CityTown.Name as 'CityTown', 
    c2.Name as 'FormerCityTown', 
    Region.Name AS 'Region', 
    Country.Name AS 'Country', 
    Charity.Name AS 'Charity', 
    FuneralHome.Name AS 'FuneralHome',
    Person.OtherInfo As 'OtherInfo'
from Person 
left join Region on Person.RegionID = Region.ID 
left join Country on Country.ID = Person.CountryID 
left join CityTown AS c2 on Person.FormerCityTownID = c2.ID 
left join Charity on Charity.ID = Person.CharityID 
left join FuneralHome on FuneralHome.ID = Person.FuneralHomeID 
left join CityTown on CityTown.ID = Person.CityTownID";
$value = NULL;
if((isset($_GET['nee'])&& $_GET['nee'] != "") && (isset($_GET['surname'])&& $_GET['surname'] != "")) {
 $value = "(".insertquery("Person.Surname", $_GET['nee'])." OR ".insertquery("Person.Surname", $_GET['surname']).") OR ";
 $value = $value."(".insertquery("Person.NeeName", $_GET['nee'])." OR ".insertquery("Person.NeeName", $_GET['surname']).") OR ";
 $value = $value."(".insertquery("Person.FormerName", $_GET['nee'])." OR ".insertquery("Person.FormerName", $_GET['surname']).")";
} else if ((isset($_GET['nee']) && $_GET['nee'] != "")) {
 $value = "(".insertquery("Person.Surname", $_GET['nee']).") OR ";
 $value = $value."(".insertquery("Person.NeeName", $_GET['nee']).") OR ";
 $value = $value."(".insertquery("Person.FormerName", $_GET['nee']).")";
} else if ((isset($_GET['surname']) && $_GET['surname'] != "")) {
 $value = "(".insertquery("Person.Surname", $_GET['surname']).") OR ";
 $value = $value."(".insertquery("Person.NeeName", $_GET['surname']).") OR ";
 $value = $value."(".insertquery("Person.FormerName", $_GET['surname']).")";
}
$value2 = NULL;
if((isset($_GET['firstname']) && $_GET['firstname'] != "") && (isset($_GET['aka']) && $_GET['aka'] != "") ) {
 $value2 = "(".insertquery("Person.FirstNames", $_GET['firstname'])." OR ".insertquery("Person.AlsoKnownAs", $_GET['firstname']).") OR ";
 $value2 = $value2."(".insertquery("Person.FirstNames", $_GET['aka'])." OR ".insertquery("Person.AlsoKnownAs", $_GET['aka']).")";
} else if ( (isset($_GET['firstname']) && $_GET['firstname'] != "")) {
 $value2 = "(".insertquery("Person.FirstNames", $_GET['firstname'])." OR ".insertquery("Person.AlsoKnownAs", $_GET['firstname']).")";
} else if ((isset($_GET['aka'])&& $_GET['aka'] != "")) {
 $value2 = "(".insertquery("Person.FirstNames", $_GET['aka'])." OR ".insertquery("Person.AlsoKnownAs", $_GET['aka']).")";
}
$blah = NULL;
if($value != NULL && $value2 != null) {
$blah = "WHERE (".$value.") AND (".$value2.") ORDER BY Person.AddedOn DESC, Person.DeathDate DESC LIMIT 0,20";
} else if ($value != null) {
$blah = "WHERE (".$value.") ORDER BY Person.AddedOn DESC, Person.DeathDate DESC LIMIT 0,20";
} else if ($value2 != null) {
$blah = "WHERE (".$value2.") ORDER BY Person.AddedOn DESC, Person.DeathDate DESC LIMIT 0,20";
}
$query .= ' '.$blah;
$xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><items>\n";
while ($row = mysql_fetch_assoc($result)) {
    $xml .= "<item><value>".$row['ID']."</value>\n";
    $xml .= "<surname>".str_replace("&", "&amp;", $row['Surname'])."</surname>";
    $xml .= "<firstnames>".str_replace("&", "&amp;", $row['FirstNames'])."</firstnames>";
    $xml .= "<formername>".str_replace("&", "&amp;", $row['FormerName'])."</formername>";
    $xml .= "<neename>".str_replace("&", "&amp;", $row['NeeName'])."</neename>";
    $xml .= "<alsoknownas>".str_replace("&", "&amp;", $row['AlsoKnownAs'])."</alsoknownas>";
    $xml .= "<deathdate>".str_replace("&", "&amp;", $row['DeathDate'])."</deathdate>";
    $xml .= "<birthdate>".str_replace("&", "&amp;", $row['BirthDate'])."</birthdate>";
    $xml .= "<age>".str_replace("&", "&amp;", $row['Age'])."</age>";
    $xml .= "<agemeasure>".str_replace("&", "&amp;", $row['AgeMeasure'])."</agemeasure>";
    $xml .= "<citytown>".str_replace("&", "&amp;", $row['CityTown'])."</citytown>";
    $xml .= "<formercitytown>".str_replace("&", "&amp;", $row['FormerCityTown'])."</formercitytown>";
    $xml .= "<region>".str_replace("&", "&amp;", $row['Region'])."</region>";
    $xml .= "<country>".str_replace("&", "&amp;", $row['Country'])."</country>";
    $xml .= "<charity>".str_replace("&", "&amp;", $row['Charity'])."</charity>";
    $xml .= "<funeralhome>".str_replace("&", "&amp;", $row['FuneralHome'])."</funeralhome>";
    $xml .= "<otherinfo>".str_replace("&", "&amp;", $row['OtherInfo'])."</otherinfo></item>\n";
}
$xml .= "</items>";
mysql_free_result($result);
} else {
$xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><items></items>";
}
mysql_close($link);
echo $xml;
?>
